Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

208 advisories

Loading
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9222 was published May 13, 2022
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin... High Unreviewed
CVE-2017-9023 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop... High Unreviewed
CVE-2017-7748 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite... High Unreviewed
CVE-2017-7746 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an... High Unreviewed
CVE-2017-7700 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite... High Unreviewed
CVE-2017-7745 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite... High Unreviewed
CVE-2017-7702 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an... High Unreviewed
CVE-2017-7705 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop... High Unreviewed
CVE-2017-7701 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by... High Unreviewed
CVE-2017-7704 was published May 13, 2022
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in... High Unreviewed
CVE-2017-7619 was published May 13, 2022
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service ... High Unreviewed
CVE-2017-7618 was published May 13, 2022
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c... High Unreviewed
CVE-2017-7401 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop,... High Unreviewed
CVE-2017-6472 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop,... High Unreviewed
CVE-2017-6467 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop,... High Unreviewed
CVE-2017-6474 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by... High Unreviewed
CVE-2017-6470 was published May 13, 2022
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote... High Unreviewed
CVE-2017-6214 was published May 13, 2022
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an... High Unreviewed
CVE-2017-6014 was published May 13, 2022
It was discovered that a programming error in the processing of HTTPS requests in the Apache... High Unreviewed
CVE-2017-6056 was published May 13, 2022
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the... High Unreviewed
CVE-2017-15602 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a... High Unreviewed
CVE-2017-14929 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after... High Unreviewed
CVE-2017-14519 was published May 13, 2022
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer... High Unreviewed
CVE-2017-14339 was published May 13, 2022
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It... High Unreviewed
CVE-2017-14229 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database